1 /*
2  * Copyright (c) 2024-2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #ifndef SIGNATRUETOOLS_VERIFY_OPENSSL_UTILS_H
16 #define SIGNATRUETOOLS_VERIFY_OPENSSL_UTILS_H
17 #include <string>
18 #include <vector>
19 
20 #include "pkcs7_context.h"
21 #include "signature_info.h"
22 #include "export_define.h"
23 #include "byte_buffer.h"
24 #include "openssl/evp.h"
25 #include "openssl/ossl_typ.h"
26 #include "openssl/pkcs7.h"
27 #include "openssl/safestack.h"
28 #include "digest_parameter.h"
29 #include "verify_cert_openssl_utils.h"
30 
31 namespace OHOS {
32 namespace SignatureTools {
33 
/**
 * Static-only helper that groups the OpenSSL-based PKCS#7 parsing and verification
 * routines used for HAP signature checking.
 *
 * Only declarations are visible in this header. The notes below are derived from the
 * signatures; anything marked NOTE(review) must be confirmed against the implementation.
 *
 * Every verification routine reports its outcome as a plain bool and none is marked
 * [[nodiscard]], so a caller that drops the return value continues with unverified
 * data. Callers must check each result and treat false as "reject".
 */
class VerifyHapOpensslUtils {
public:
    // Not instantiable: all members are static.
    VerifyHapOpensslUtils() = delete;

    // Takes a raw byte range plus a context to fill. The array parameter decays to a
    // pointer, so packageLen is the only bound the callee has on packageData.
    // NOTE(review): presumably the bytes come from an untrusted package file; confirm
    // that packageLen is validated against the real buffer size before this call.
    DLL_EXPORT static bool ParsePkcs7Package(const unsigned char packageData[],
                                             uint32_t packageLen, Pkcs7Context& pkcs7Context);

    // NOTE(review): presumably collects the certificate chain(s) carried in p7 into
    // pkcs7Context; confirm. Ownership of p7 is not expressed by the signature.
    DLL_EXPORT static bool GetCertChains(PKCS7* p7, Pkcs7Context& pkcs7Context);

    // x509Crl is a pointer passed by value, so the callee can only add to a stack the
    // caller already owns; it cannot hand back a newly allocated one.
    // NOTE(review): confirm who frees the CRL entries and how a null x509Crl is handled.
    DLL_EXPORT static bool GetCrlStack(PKCS7* p7, STACK_OF(X509_CRL)* x509Crl);

    // Public verification entry point; operates only on the supplied context.
    // NOTE(review): presumably requires a context populated by ParsePkcs7Package; confirm.
    DLL_EXPORT static bool VerifyPkcs7(Pkcs7Context& pkcs7Context);

    // Returns void, so the OpenSSL error text is not handed back to the caller.
    // NOTE(review): presumably drains and logs the OpenSSL error queue; confirm.
    static void GetOpensslErrorMessage();

private:
    // NOTE(review): the next two private members carry DLL_EXPORT; presumably so tests
    // can reach them. Confirm this is intended, since it widens the exported surface.
    DLL_EXPORT static bool VerifyPkcs7SignedData(Pkcs7Context& pkcs7Context);

    // signInfoNum is a signed 32-bit count supplied next to the signer-info stack.
    // NOTE(review): confirm it is checked for a non-negative value that matches the
    // number of entries in signerInfoStack before it is used as a loop bound.
    DLL_EXPORT static bool VerifySignInfo(STACK_OF(PKCS7_SIGNER_INFO)* signerInfoStack,
                                          BIO* p7Bio, int32_t signInfoNum, Pkcs7Context& pkcs7Context);

    // Takes one signer's info plus a mutable chain and visit-state object.
    // NOTE(review): presumably builds and validates the chain for signInfo; confirm
    // which trust anchors and CRLs are applied.
    static bool VerifyCertChain(CertChain& certsChain, PKCS7* p7, PKCS7_SIGNER_INFO* signInfo,
                                Pkcs7Context& pkcs7Context, CertSign& certVisitSign);

    // content is the output buffer; p7ContentInfo is read-only.
    static bool GetContentInfo(const PKCS7* p7ContentInfo, ByteBuffer& content);

    // Structural check on a read-only PKCS7 object.
    // NOTE(review): presumably run before any field of p7 is dereferenced; confirm.
    static bool CheckPkcs7SignedDataIsValid(const PKCS7* p7);

    // Constants are defined out of line; their values are not visible in this header.
    static const int32_t OPENSSL_PKCS7_VERIFY_SUCCESS;
    static const int32_t OPENSSL_ERR_MESSAGE_MAX_LEN;
    // NOTE(review): the next two presumably bound the BIO read loop (iteration count
    // and chunk size); confirm that together they cap the data read from a package.
    static const int32_t OPENSSL_READ_DATA_MAX_TIME;
    static const int32_t OPENSSL_READ_DATA_LEN_EACH_TIME;
    static const int32_t MAX_OID_LENGTH;
    static const std::string PKCS7_EXT_SHAWITHRSA_PSS;
};
62 } // namespace SignatureTools
63 } // namespace OHOS
64 #endif // SIGNATRUETOOLS_VERIFY_OPENSSL_UTILS_H
65